The United States has reportedly paused its offensive cyber operations against Russia as part of diplomatic efforts to engage Moscow in negotiations to end the war in Ukraine.
According to reports, U.S. Defense Secretary Pete Hegseth authorized the decision, which impacts hacking operations conducted by U.S. Cyber Command, the Pentagon’s division responsible for cyber warfare. However, intelligence-gathering activities by the National Security Agency (NSA) remain unaffected.
Major news outlets, including The New York Times and The Washington Post, have confirmed the order, stating that it was issued ahead of a meeting between U.S. President Donald Trump, Vice President JD Vance, and Ukrainian President Volodymyr Zelenskyy. The move is reportedly part of a broader strategy to encourage Russian President Vladimir Putin to engage in diplomatic discussions regarding the ongoing conflict in Ukraine.
A Shift in U.S. Cyber Policy?
The U.S. Cyber Command and the Pentagon have not provided official comments on the matter, with a senior defense official stating that they do not “discuss cyber intelligence, plans, or operations.”
Additionally, reports indicate that the Trump administration no longer considers Russian hackers a primary cybersecurity threat. According to The Guardian, a memo outlining new priorities for the Cybersecurity and Infrastructure Security Agency (CISA) excludes Russia from its list of critical cyber threats, instead focusing on challenges posed by China and domestic infrastructure security. Employees at CISA were reportedly informed that they should halt work related to Russian cyber threats.
However, the Department of Homeland Security, which oversees CISA, has denied these claims. In a statement, Tricia McLaughlin, Assistant Secretary of Homeland Security, asserted that the memo did not originate from the Trump administration. She emphasized that “CISA remains committed to addressing all cyber threats to U.S. critical infrastructure, including from Russia,” and stated that there has been no shift in policy or priorities regarding Russian cyber activities.
Contradictions and Concerns
The reported policy change comes just months after U.S. intelligence agencies identified Russia as a persistent cyber threat. In an annual threat assessment, intelligence officials warned that Russia’s Foreign Intelligence Service (SVR) continues to target critical U.S. infrastructure, including government agencies, industrial control systems, and undersea cables.
In recent years, the U.S. has taken decisive action against Russian cybercriminals. Law enforcement agencies have dismantled infrastructure used by Russian-linked ransomware groups, recovered millions in ransom payments, and issued sanctions and indictments against prominent Russian hackers.
The decision to halt cyber operations against Russia raises questions about U.S. cybersecurity strategy and its potential impact on national security. While diplomatic engagement with Moscow is a priority, some experts worry that pausing offensive cyber operations could leave the U.S. more vulnerable to future cyber threats.
